exploitDog

CVE-2019-20221

Опубликовано: 02 янв. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.

Ссылки

https://fatihhcelik.blogspot.com/2019/12/support-incident-tracker-xss-in-plugin.html
Exploit
Third Party Advisory
https://fatihhcelik.blogspot.com/2019/12/support-incident-tracker-xss-in-plugin.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sitracker:support_incident_tracker:3.67:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00328

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-6765-8gpf-6vw2

github

больше 3 лет назад

In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.

EPSS

Процентиль: 55%

0.00328

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79